Endings and beginnings spur reflection and hope. Here are three of mine for this transition period: copyright, cybersecurity and social media.
My tenure as the director of information technology policy at Cornell University coincided with the copyright wars. That is what I used to call them, when technology ran ahead of the creative market—notably in literature, movies and music. Early file-sharing programs such as Napster and then later Grokster, Kazaa and LimeWire (to name only a few of the thousands) violated the letter of copyright law, and content owners responded with their cudgel, attacking with lies and shame the soft belly of higher education. This was before Steve Jobs showed content owners how to digitize and monetize their wares. Without a repeal of the Higher Education Opportunity Act of 2008 and its patently unfair and unequal obligations for higher education networks compared with any other internet service providers, content owners have gone back to their limousines and high-rent offices in New York and Los Angeles, pretending that we are all friends now.
At that time, I called for a political movement to reform copyright law. I was hardly alone, with Lawrence Lessig leading the pack that also included William Fisher, Alan Davidson, Miriam Nisbet and Peter Jaszi, among many, many others. In this blog series I laid out 10 specific reforms, from limiting scope and terms to orphan works to the prohibition of ex post facto copyright extension. When I raised the issue with some national library and higher education associations, I was asked, however, to cool it. Why? Can of worms, I was told; content owners were too powerful, especially as lobbyists and among the members of Congress, friends of Democratic presidents and allies of Republicans. Opening the 1976 Copyright Law could result in heightening the already notably imbalance between innovation and incentive favoring the latter. Hey, I lived in the southern tier of New York State—in other words, the boondocks. They were in the Beltway—what did I know?
It is now 2023, one year into the dawning of generative artificial intelligence. (I call it consumer AI, but whatever.) It is a new day, and with myriad copyright suits already having been filed, not least the latest and likely the most consequential The New York Times against Microsoft and OpenAI. As a historian, I have a prognostication: fair use will be found for the training of large language model artificial intelligence pursuant to the fifth prong of fair use added by the judiciary: transformative use. For output, infringement. And methinks before the court goes all the way, some deal will be cut, just as occurred with sampling.
But, no longer an administrator and therefore no longer beholden to the Beltway crowd, I renew my plea: let’s use this opportunity to reform copyright law with the goal of resetting the sacred and smart balance of innovation and incentive established by Constitution (and therefore it should be appealing to the originalists, even though we all know that concept is a political pretext) as our North Star.
A comprehensive review of how cybersecurity is structured in our federal government with an eye on balancing national security and civil liberties. Fractured cybersecurity responsibilities shoehorned into our antiquated agency system may not be the most efficient approach to global threats. To wit: we have major cybersecurity responsibilities in the White House, the National Security Administration and the Department of Homeland Security, just to name three, and then sprinkled throughout all remaining agencies, nominally managed at the implementation level by the National Institute of Standards and Technology.
The Biden National Cybersecurity Strategy is an excellent start, but I have no faith in the enforcement of its implementation plan, through no fault of its authors, but because it is so likely to get caught in the crosshairs of our market-driven economy and a Congress hobbled by lobbyists. Similarly, the regulation of the internet (broadly defined) spans 17 federal agencies. Compare all of that to the People’s Republic of China, which has one comprehensive office and a tight knit between the Chinese Communist Party and the military, notwithstanding lapses and its own weaknesses for maintaining a too-tight connection.
Built into the structural conundrum is a legal one about electronic surveillance. The principal laws that cover this territory are the Foreign Intelligence Surveillance Act (FISA) and the Electronic Communications Privacy Act (ECPA). The first should be repealed and the second should be reformed, absorbing critical components of FISA but without the secret courts. Secret courts are not consistent with a democratic republic. There are already existing procedural means that could be bolstered in our regular Title III criminal courts to address the necessary cover for covert activities—we use them in domestic criminal law enforcement.
Why are these changes so important? During my time running for Congress (New York’s 23rd District, 2018, 2020) I absorbed the profound distrust of government from so much of the electorate in the plus-20 Republican district. When I traced back this distrust historically, I found dominant threads in foreign policy mistakes dating back to the post–WWII period (Iran, Korea, Vietnam, Guatemala, Chile and Iraq, to name the big ones) laced together with the increased opacity of both our foreign (CIA) and domestic (FBI) operations and surveillance.
Another thread of distrust comes from complicated and contradictory reaction to the failure of both parties to do anything to help the farmers and small manufacturers that got left behind in rural areas amid globalization. Republicans have scapegoated those resentments while Democrats recognized the power of that resentment, and how to address it emotionally as well as in policy, too late. Asymmetries between untruthful and conspiratorial right-wing media and a center-left media that has its head in the sand purporting neutrality exacerbated that distrust. These issues still animate our politics.
Meanwhile, our foundational wiretapping law, ECPA, was codified in 1986, about seven years before the internet became public—not to mention a profoundly important component of communications, content and commerce. Amended by the USA–Patriot Act of 2001—with sunset provisions ongoing as recently as earlier this month with the reupping of FISA section 702—ECPA is so sorely in need of a comprehensive redo that it is become almost ridiculous to mention it. Senator Leahy tried valiantly for many years. A Congress that could only joke about how members’ grandchildren taught them how to use their iPhones was completely incapable of understanding enough of what the technology and law and its implication for privacy and fundamental constitutional values to take a serious step.
To help educate the public about this lack of understanding was second to national security and broadband deployment in underserved areas (such New York 23) on my list of hopes to contribute to Congress. Alas … But I am glad to report that there are now 13 members of the House who have expertise in internet technologies. Two of them, Elissa Slotkin of Michigan and Abigail Spanberger of Virginia, both former CIA analysts, are running for higher offices (vote for them!). And let’s hope for meaningful reform that enhances national security by rebalancing privacy and domestic tranquility in our electronic surveillance laws.
Global internet governance is the third prong of cybersecurity. About this subject, too, I have written much in the past. Suffice it to say, again, that technology is not the solution to cybersecurity challenges. The United States was in the lead for so long in this area, but as such it also has become the central target and cannot be expected to withstand forever the attacks from so many sources—Russia, China, North Korea and Iran head the pack of nation-state attacks, not to mention organized crime, hacktivists and other lone wolves. To date, there is no international law to work with technology to address these threats. International law is handicapped by its failure to add the internet to the four pillars of its foundational approach (land, sea, air and space). The State Department under Secretary Blinken has posted inspirational documents, including the Declaration for the Future of the Internet. If we could only move onto these more hopeful projects …
- Social media
That should do it for now. Enjoy this celebratory season and happy New Year!